AgentTesla botnet controller @35.208.227.83

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 35.208.227.83 on port 587 TCP:

From: relogs@tiee.mx
To: relogs@tiee.mx

$ telnet 35.208.227.83 587
Trying 35.208.227.83…
Connected to 35.208.227.83.
Escape character is ‘^]’

$ nslookup 35.208.227.83
83.227.208.35.bc.googleusercontent.com

$ dig +short tiee.mx
35.208.227.83

Referencing malware samples:
MD5 154b9a5a3f487ddffe4ab579b4556c1f

Опубликовано
В рубрике google.com

Добавить комментарий

Ваш адрес email не будет опубликован.